 statestress magnetPremium,Mod
join:2002-02-08
Purgatory
kudos:6
Webhosting
Android
Sonic.net
UK Broadband
FAQ Owners chat
| CC companies threaten Discovery over Mythbusters Show I ran across an interesting article on Gizmodo tonight about several credit card companies (VISA, American Express and Discover) threatening to pull advertising from the Discovery Channel if they aired a Mythbusters special about RFID technology and how susceptible it may be to hacking and tracking.
The Mythbusters crew called Texas Instruments for an initial interview about the technology, and who pops up but Chief Council from each of these companies. It begs the question, how insecure is this technology really? What's being hidden or undisclosed to the consumer (if anything) and why?
RFID chips are super cool because those little buggers can beam things wirelessly. The guys at Mythbusters totally thought so too and wanted to make an episode about how trackable and hackable RFID chips were. Sounds amazing! Everyone would've learned more about the technology that's invisibly invading our lines. But, nope. Credit Card companies banned 'em.
Specifically, it looks like the lawyers of Visa, American Express, Discover and all the other bigwig debt slurpin' credit card companies got in immediate contact with Discovery (the network that airs Mythbusters) and told 'em if Savage and crew did the episode, the credit card companies would pull its advertisements and commercials from Discovery. Discovery caved and the RFID episode was axes. Bummer.
»www.youtube.com/watch?v=hq7kBhts···&list=UL |
|
 JuggernautIrreverent or irrelevant?Premium
join:2006-09-05
Everywhere
kudos:1 | Isn't this at least a couple of years old? I remember a post from way back on this. |
|
 dvd536as Mr. Pink as they comePremium
join:2001-04-27
Phoenix, AZ
kudos:4 | said by Juggernaut:Isn't this at least a couple of years old? I remember a post from way back on this.
Me too. nothing new here.
now theres a job for anonymous!
with these cards someone doesn't even need to pickpocket a wallet/purse to get your CC info. anyone with a reader concealed in a laptop bag can brush against you and nab your credit / debit card info!!
my rfid enabled cards sit in a safe or in my safe dep box. |
|
JuggernautIrreverent or irrelevant?Premium
join:2006-09-05
Everywhere
kudos:1 | said by dvd536:my rfid enabled cards sit in a safe or in my safe dep box. Hell, my CC company sent me a new one within 6 months of getting the RFID card. That'll tell you something right there. |
|
 Doctor OldsI Need A Remedy For What's Ailing Me.Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
2 edits | reply to state
said by state:I ran across an interesting article on Gizmodo tonight about several credit card companies (VISA, American Express and Discover) threatening to pull advertising from the Discovery Channel if they aired a Mythbusters special about RFID technology and how susceptible it may be to hacking and tracking.
Wow, Gizmodo is recycling news from 2008 acting like it is new?
Mythbusters Blocked From Revealing RFID Myths
5:00 PM - September 3, 2008 by Steve Seguin
»www.tomshardware.com/news/Mythbu···313.html
And Gizmodo only recycled the first part of the story and that initial version was retracted later.
Here is the rest of the story.
'MythBusters' co-host backpedals on RFID kerfuffle
by Daniel Terdiman September 3, 2008
»news.cnet.com/8301-13772_3-10031···1_3-0-20
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time? |
|
|
|
| reply to dvd536
said by dvd536:my rfid enabled cards sit in a safe or in my safe dep box.
My RFID enabled cards went into the shredder when I found out what they were.
The credit card companies replaced them with non-RFID cards after I called the phone number on the back and asked. I have never had any reason to regret the move. |
|
| reply to state
No need for the shredder or keeping the cards locked-up. Simply place the card on a hard, flat surface (e.g. concrete garage floor) and hit the chip a few times with a hammer until it flattens out. This renders the chip useless, but the magnetic strip still works of course. You can usually discern the slight bump where the chip is on the card, but if not you can search for images of chip locations.
I've also used the hole-puncher method, which works well too. The downside is that it leaves a hole in your card. Then again, that hole often gives me a chance to explain to the clerk why it is there, thus raising awareness. |
|
| reply to TomR_in_MI
It doesn't help when they're pushing for a newer application of RFID called NFC in smartphones and other products. |
|
statestress magnetPremium,Mod
join:2002-02-08
Purgatory
kudos:6 Host:
Webhosting
Android
Sonic.net
UK Broadband
FAQ Owners chat
| reply to Doctor Olds
said by Doctor Olds:Wow, Gizmodo is recycling news from 2008 acting like it is new?
Ugh ... my apologies ladies and gents. I didn't realize this was old news, and very old at that. |
|
 MsradellP.E.Premium
join:2008-12-25
Louisville, KY | reply to state
It may be old news but it's still very relevant! |
|
| reply to kickass69
said by kickass69:It doesn't help when they're pushing for a newer application of RFID called NFC in smartphones and other products.
I am smart enough to not own a smartphone so doesn't affect me at all. |
|
Doctor OldsI Need A Remedy For What's Ailing Me.Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18 | reply to state
said by state:said by Doctor Olds:Wow, Gizmodo is recycling news from 2008 acting like it is new?
Ugh ... my apologies ladies and gents. I didn't realize this was old news, and very old at that. No apology needed. Your head and heart were in the right place, It is Mr. Chan at Gizmodo that should apologize to you and the rest of his readers.
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time? |
|
 trparkyApple... YUMPremium,MVM
join:2000-05-24
Cleveland, OH
kudos:1 | reply to kickass69
At least on smartphones you have to confirm that the purchase is authorized, you need to tap your screen to let the transaction to occur. |
|
Zoder
join:2002-04-16
Miami, FL | Since CC normally carry zero liability for fraudulent purchases, the ones who would appear to suffer the most from RFID insecurity would be the CC companies. So why do they use it if it's so insecure? |
|
 IIIBradIIIComm M-E-L Instr
join:2000-09-28
Greer, SC
 ·T-Mobile US
| Because they DON'T suffer. The merchants that accept cards are the ones that suffer from fraud - the issuers actually make money on it due to enormous chargeback fees and such that merchants pay. When fraud occurs, the merchant (the store the perp purchased from) pays out processing fees, chargeback fees, the original sales price, plus has already lost the original product/service that was purchased. The card issuers pocket the processing & chargeback fees and walk away smiling.
--
»www.FlightSimWorld.com
Remember, there are old pilots and there are bold pilots, but there are no old bold pilots.
Flight Simulator |
|
Zoder
join:2002-04-16
Miami, FL | Very good point. Didn't think of that angle. |
|
 SnowymIRC unix.ro UnderNetPremium
join:2003-04-05
Kailua, HI
kudos:5
 ·RoadRunner Cable
·Clearwire Wireless
| reply to IIIBradIII
said by IIIBradIII: When fraud occurs, the merchant (the store the perp purchased from) pays out processing fees, chargeback fees, the original sales price, plus has already lost the original product/service that was purchased. The card issuers pocket the processing & chargeback fees and walk away smiling.
Whoa! Slow that pony down!
That can be true in the case of an online merchant but if it happened "face-to-face" with the cardholder signing in the presence of the merchant, the issuing bank is generally liable.
Another area where the issuers are eating it is in fraudulent ATM withdrawals.
Trust me, the banks do not profit off of fraudulent use of CC/debit cards, period. |
|
Mele20Premium
join:2001-06-05
Hilo, HI
kudos:4 | reply to state
Did it occur to you that RFID technology might have changed for the better since 2008?
Do a search here. There are more relevant threads than this old article. A major national bank sent me one of these cards (my first of this type) when it was time to renew the card last year. I first did a knee jerk reaction and was going to call and demand a regular card, but then I started researching the subject and changed my mind as the card I was sent is cutting edge and I think it is safe. But I won't be using it until I have a balance transfer paid off. When that time comes, I will again research the latest information on this issue.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson |
|
Mangowww.toao.net
join:2008-12-25
Alberta
kudos:8 Reviews:
 ·Anveo
·Shaw
·voip.ms
·FreePhoneLine
 ·TELUS
·Callcentric
·callwithus
·LINGO
| On the topic of RFID, I've always been wondering about something.
When I use an RFID chip card, I enter my PIN, and the terminal instantly says whether or not I've entered it correctly. Only then does the POS phone home to the payment processor and verify there are funds available.
Therefore, I would think it would be trivial to brute force a PIN since there are a maximum of 10^4 combinations with most banks. (A rare few allow for PINs more than four digits long.)
One would think it would have been just as easy - and far more secure - to implement a system where the entered PIN is sent to the payment processor for verification.
Am I missing something here or would it really be that easy to use my Visa if it were stolen? |
|
Mangowww.toao.net
join:2008-12-25
Alberta
kudos:8 Reviews:
·Anveo
·Shaw
·voip.ms
·FreePhoneLine
·TELUS
·Callcentric
·callwithus
·LINGO
| reply to Snowy
A follow-up question: are the rules for fraudulent swipe/sign transactions the same as the rules for fraudulent chip/pin transactions?
Let's say someone looks over my shoulder as I enter my PIN, then mugs me for my Visa, and uses it before I can cancel it. Who pays?
We only do eCommerce and MOTO, so I've never actually accepted a chip card from a customer. |
|
